<?php
$proceed = false;
$seconds = 60*10;
echo '<h1>Testing:</h1><p>Cookie: '.$_COOKIE['token'].'<br />Timestamp: '. $_POST['ts'].'</p>';
if(isset($_POST['ts']) && isset($_COOKIE['token']) && $_COOKIE['token'] == md5('secret salt'.$_POST['ts'])) $proceed = true;

if(!$proceed) { 
echo 'Form processing halted for suspicious activity';
exit;
}

if(((int)$_POST['ts'] + $seconds) < mktime()) {
echo 'Too much time elapsed';
exit;
}
echo '<h1>Success!</h1><br />Here is what you sent:';
print_r($_POST);
?>
<p>If you want to "attack" this form, <a href="clearCookie.php">try this demo.</a></p>
